home
about us
forum
testimonials
sitemap
 
 
PREV
NEXT
  

User Management Resource Administrator


Online Manual: "User Management Resource Adminstrator"
Go to: User Management Resource Administrator homepage

Script Action: Edit user logon

Function

Edit the logon settings of an existing user account . The account is identified by a variable containing the User Object. Use the action Get user (AD) to find the user first. For the user account, all regular attributes can be changes and/or reset.

Deployment

This action is typically used as one of the main action to manage existing user accounts in Active Directory. You can use this action for a single change, for instance resetting the password of an account or multiple changes like home directory, profile directory and Active Directory attributes. To change the common name (full name) of a user account, you cannot use this action. Use the action Script Action: Move - rename user (AD) instead to do this.

For this action, the user account is identified by a variable (default: %UserObject%). To execute this action successfully, the variable must have a valid value. The variable is an output variable of the action Script Action: Get user (AD). The Get User action supports several ways to find the user and fill the variable.

The Edit user action contains a large number of properties. As described above, the User Object property is used to identify the user account. Further all the properties are initially not specified. This means that the corresponding Active Directory attributes of the user account are not changed when the action is executed. So only when a property is specified, the attribute is updated in Active Directory.

Properties

Property Name

Description

Typical setting

Remarks

User Object

An data structure representing the user account. Use the action 'Get user (AD)' to find the user account in Active Directory and setup the variable that contains the 'User Object'.

%UserObject%

See Deployment section.

Username

The SAM account name of the user for which you want to edit the logon settings.

 

You should only use this option when you are not using the %UserObject% variable. Instead of the %userObject variable an user account can also be identified by the username and the domain name or the domain controller.

Domain

The domain in which the user account, for which you want to edit the logon settings, is located.

 

You should only use this option when you want to identify the user account by username and domain name.

Domain controller

The domain controller of the domain in which the user account, for which you want to edit the logon settings, is located.

 

You should only use this option when you want to identify the user account by username and domain controller

Password generator

The specification how to generate passwords for the user account

 

 

Specifies the method used to generate a password for the user account. These methods vary from simple (easy to remember) passwords to strong passwords. There are several predefined settings available.

The resulting password will be stored in a variable. By default it is stored in the variable %Password%. This variable must be specified as the value for the Password property.

Password

The password of the user account.

 

Typically the name contained in the variable %Password% is generated by the Password generator. To create the same password for all users you can specify the password here directly. For example "test1234". You can also read the password from the input file.

User must change password at next logon

The password is expired. Use this property to force the user to change the password at the next logon. Note that the user can logon using the current password.

 

When set to Yes the User cannot change password property must by set to No.

User cannot change password

The user cannot change password. When the user cannot change the password, only the administrator can change the password.

 

Valid specifications are Yes and No. This setting has no effect on members of the administrators group. When set to Yes, the User must change password at next logon property must by set to No.

Password never expires

The password should never expire on the account.

 

Valid specifications are Yes and No. The default value is No. This setting overrides the Maximum Password Age setting in the password policy for the domain/computer.

Account disabled

The user's account is disabled. If an user account is disabled, the account does exist but cannot be used to logon to the network.

 

 

Unlock the account

Unlock an user account. When an account is locked it is temporarly impossible to log on to the network. An account gets locked when an incorrect password is specified.

 

Valid specifications are Yes and No. The default value is No. When set to Yes an locked account will be unlocked. This property can only be used when an account is locked.

Help on help
Principle of operation
Project operations - Manage script action properties
Script Action: Move - rename user (AD)


Tools4ever User Forum
Topic namePosterRepliesTime
ASP script access errorRemco527/08/08
Set group membershipRemco126/08/08
UMRA Trainingxjumper65025/08/08
Form securitybarrythave211/08/08
Create a email-aliasM.Kellers128/07/08
Alter Date/Time default formatrobdos125/07/08
Special CharactersAndresg123/07/08
Expire an account when creatingJohnZ111/07/08
Error creating mailboxJohnZ110/07/08
Unlock accounttmowatt113/06/08

Home | Products | Support | Pricing | Download | Press | About Us | Contact | Sitemap
QUICK LINKS: Mass / Bulk Import Software | Network Monitoring Software | Disk Quota Management
QUICK LINKS: User and Active Directory Management | Remote Desktop Control | Free Software